/// <summary>
/// Update password of user account
/// </summary>
/// <param name="currentPassword">current password of user</param>
/// <param name="newPassword">new password of user</param>
private void UpdateUserAccountPassword(string currentPassword, string newPassword)
{
//Check if passwords were entered OR if new password and current password are the same. if so, s
if ((newPassword.Length > 0 && currentPassword.Length > 0) || (!newPassword.Equals(currentPassword)))
{
UserAccountEntry userAccount = db.GetUserAccountCredentials(Global.employee.EmailAddress);
if (userAccount != null)
{
//Check if entered current password really is current password. If so, update user account with updated credentials
if (PasswordCryptoLogic.VerifyPassword(currentPassword, userAccount.PasswordSalt, userAccount.PasswordHash))
{
UserAccountEntry userAccountNew = new UserAccountEntry(Global.employee.EmailAddress, newPassword);
userAccountNew.EmployeeId = Global.employee.Id;
//Update User Account DB
db.UpdateUserAccountPassword(userAccountNew);
}
else
{
throw new TrainingPlatformException("Your current password does not match up with the entered current password.");
}
}
else
{
Debug.WriteLine("No user account was found");
throw new Exception();
}
}
}
/// <summary>
/// Login with email and password
/// </summary>
/// <param name="emailAddress">Email address</param>
/// <param name="password">Password</param>
/// <returns>true if login successfull</returns>
public bool Login(string emailAddress, string password)
{
//Get user account
UserAccountEntry userCredentials = db.GetUserAccountCredentials(emailAddress);
if (userCredentials == null)
{
return(false);
}
//verify password
if (PasswordCryptoLogic.VerifyPassword(password, userCredentials.PasswordSalt, userCredentials.PasswordHash))
{
Employee employee = db.GetEmployeeById(userCredentials.EmployeeId);
if (employee == null)
{
Debug.WriteLine($"ERROR during retrieving employee with id {userCredentials.EmployeeId}");
throw new Exception();
}
employee.EmailAddress = emailAddress;
userCredentials = null;
//Get all trainings
Training.Trainings = db.GetTrainings();
//Get all training bookings of current user
employee.TrainingBooking = db.GetTrainingBooking(employee.Id);
if (employee.Role.Equals(Role.ROLE_ADMIN))
{
Employee.Employees = db.GetAllEmployees();
}
//assign employee object to global employee
Global.employee = employee;
return(true);
}
return(false);
}
public UserAccountEntry(string emailAddress, string password)
{
this.PasswordSalt = PasswordCryptoLogic.GenerateSalt();
this.PasswordHash = PasswordCryptoLogic.ComputeHash(password, this.PasswordSalt);
this.EmailAddress = emailAddress;
}